The thing missing from the list was securing your local file system when installing Magento. The default installation asks for certain directories to be writable, which is necessary for certain things. But what we lazy installers sometimes do is just make the whole thing writable to make installation easier. And while I am not aware of any specific Magento vulnerability like the one noted, it is definitely a good practice to deny write access to all but the necessary files. This is done not just by changing the permission settings on the files but by changing the file ownership, so that the web server user is unable to change the permissions to something more permissive. And for the files that do need write access, you should deny access via either .htaccess or <Directory> settings in httpd.conf so they can’t be called remotely.

So, the 11th thing to do is to secure your file system by denying write access to the server user that is running your Magento code.
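
One way to check an existing install against this advice, as an added example that is not part of the original post: a shell function that lists paths outside the intended writable directories that the web server user owns or that are world-writable, and writable directories that have no deny rule in .htaccess. The web user name and the writable directory names are assumptions passed in as arguments.

```shell
#!/bin/sh
# Added example (not from the original post): audit a Magento tree.
# Usage: audit_magento_perms ROOT WEB_USER WRITABLE_DIR...
# WRITABLE_DIR entries are relative to ROOT and are the only places the web
# server user is meant to write; which directories those are is an assumption.
audit_magento_perms() {
    root=${1%/}; web_user=$2; shift 2

    # 1. Outside the writable dirs, flag anything the web user owns (an owner
    #    can chmod its own files back to writable) or anything world-writable.
    find "$root" ! -type l \( -user "$web_user" -o -perm -002 \) -print |
    while IFS= read -r path; do
        rel=${path#"$root"}; rel=${rel#/}
        allowed=0
        for dir in "$@"; do
            case "$rel" in "$dir"|"$dir"/*) allowed=1 ;; esac
        done
        if [ "$allowed" -eq 0 ]; then
            printf 'WRITABLE %s\n' "${rel:-.}"
        fi
    done

    # 2. Each writable dir should refuse direct HTTP requests. Only .htaccess
    #    is checked here; a <Directory> block in httpd.conf is equally valid.
    for dir in "$@"; do
        if ! grep -Eiqs 'deny from all|require all denied' "$root/$dir/.htaccess"; then
            printf 'NO-DENY %s\n' "$dir"
        fi
    done
}

# Runs only when arguments are given, for example (constructed values):
#   sh audit.sh /var/www/magento www-data var media
if [ "$#" -ge 2 ]; then
    audit_magento_perms "$@"
fi
```

Group write bits are not checked; if the web server user shares a group with the file owner, add a `-perm -020` test to the `find` expression.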